Subject: CUPS vulnerabilities fixed? Need to update pkg-vulnerabilities file
To: None <email@example.com, firstname.lastname@example.org>
From: Andrew Daugherity <email@example.com>
Date: 02/22/2006 22:35:45
I see that the new CUPS package (1.1.23nb7) has supposedly fixed the
[From CVS log for print/cups/Makefile, Revision 22.214.171.124]
Port the security fixes for SA18303 from print/xpdf to print/cups.
Thanks for importing the patches!
However, the pkg-vulnerabilities file still shows all versions of CUPS
as being vulnerable:
cups-[0-9]* 1721,denial-of-service =20
cups-[0-9]* 1722,arbitrary-code-execution =20
If the recent patches have indeed corrected these advisories, could
someone please update the pkg-vulnerabilities file? (Note that SA
18332 is for CUPS, 18303 is for xpdf, but they seem to describe the